The University of North Carolina at Chapel Hill Company CyberSecurity Posture
unc.edu
Carolina’s vibrant people and programs attest to the University’s long-standing place among leaders in higher education since it was chartered in 1789 and opened its doors for students in 1795 as the nation’s first public university. Situated in the beautiful college town of Chapel Hill, N.C., UNC has earned a reputation as one of the best universities in the world. Carolina prides itself on a strong, diverse student body, academic opportunities not found anywhere else, and a value unmatched by any public university in the nation. UNC-Chapel Hill's LinkedIn comments guidelines: Thank you for liking the LinkedIn page of the University of North Carolina at Chapel Hill. This page highlights information about the people and programs at Carolina. Consistent with UNC-Chapel Hill’s Policy on Prohibited Discrimination, Harassment and Related Misconduct, and the North Carolina Campus Free Speech Act, we encourage your comments and opinions as they relate to our posts. This page is actively monitored for relevance. Carolina reserves the right to remove any comments that are not related to the particular post, make unsupported accusations, contain ad-hominem attacks, use obscene language or images, are blatant spam, contain advertisements, or contain inappropriate personal information or sensitive information. Repeated violation of these guidelines or behavior that substantially disrupts the maintenance of this page could result in a user being blocked from the page. Thanks for keeping the page enjoyable for everyone. Go Tar Heels!
Company Details
university-of-north-carolina-at-chapel-hill
20,123
409,561
6113
unc.edu
299
THE_1430455
Completed
UNCCH Risk Score (AI oriented)Between 750 and 799
UNCCH Global Score (TPRM)XXXX
Description: An estimated 3716 people were told by the university of north carolina at chapel hill school of medicine that their information had been the target of a cyberattack. which found that some workers were duped by a phishing scam and that their email accounts may have been compromised. UNC only mentions that they first confirmed the incident on September 13, 2019, but does not specify when they originally learned of it. Patients' names, dates of birth, and demographic information including residences, health insurance information, health information, Social Security numbers, financial account information, and/or credit card information were all possible components of the PII/PHI.
Description: UNC Health Care suffered a data breach incident that exposed 24,000 patients' information in December 2017. The exposed information includes names, addresses, phone numbers, employment status, employer names, birth dates, and Social Security numbers. The affected patients were offered free credit monitoring services for one year.
No incidents recorded for The University of North Carolina at Chapel Hill in 2026.
No incidents recorded for The University of North Carolina at Chapel Hill in 2026.
No incidents recorded for The University of North Carolina at Chapel Hill in 2026.
UNCCH cyber incidents detection timeline including parent company and subsidiaries
Carolina’s vibrant people and programs attest to the University’s long-standing place among leaders in higher education since it was chartered in 1789 and opened its doors for students in 1795 as the nation’s first public university. Situated in the beautiful college town of Chapel Hill, N.C., UNC has earned a reputation as one of the best universities in the world. Carolina prides itself on a strong, diverse student body, academic opportunities not found anywhere else, and a value unmatched by any public university in the nation. UNC-Chapel Hill's LinkedIn comments guidelines: Thank you for liking the LinkedIn page of the University of North Carolina at Chapel Hill. This page highlights information about the people and programs at Carolina. Consistent with UNC-Chapel Hill’s Policy on Prohibited Discrimination, Harassment and Related Misconduct, and the North Carolina Campus Free Speech Act, we encourage your comments and opinions as they relate to our posts. This page is actively monitored for relevance. Carolina reserves the right to remove any comments that are not related to the particular post, make unsupported accusations, contain ad-hominem attacks, use obscene language or images, are blatant spam, contain advertisements, or contain inappropriate personal information or sensitive information. Repeated violation of these guidelines or behavior that substantially disrupts the maintenance of this page could result in a user being blocked from the page. Thanks for keeping the page enjoyable for everyone. Go Tar Heels!
There’s a reason Penn State consistently ranks among the top one percent of the world’s universities. Across 24 campuses, our nearly 88,000 students and 17,000 faculty and staff know the real measure of success goes beyond the classroom—it’s the positive impact made on communities across the world.
FIU is Miami's public research university. Offering bachelor's, master's and doctoral degrees, both on campus and fully online. Designated a Preeminent State Research University, FIU emphasizes research as a major component in the university's mission. For more than 50 years, FIU has positioned
Washington University in St. Louis, a medium-sized, independent university, is dedicated to challenging its faculty and students alike to seek new knowledge and greater understanding of an ever-changing, multicultural world. The university has played an integral role in the history and continuing gr
Alma Mater Studiorum - Università di Bologna operates on the principle that every individual carries within themselves a unique and unrepeatable potential. Active listening and dialogue guide the work of the University of Bologna, which promotes, in all its activities, inclusion, equity, and dive
Founded in 1827, the University of Toronto is Canada’s top university with a long history of challenging the impossible and transforming society through the ingenuity and resolve of our faculty, students, alumni, and supporters. We are proud to be one of the world’s top research-intensive univers
In achievement and prestige, the University of Wisconsin–Madison has long been recognized as one of America's great universities. A public, land-grant institution, UW–Madison offers a complete spectrum of liberal arts studies, professional programs and student activities. Spanning 936 acres along th
One of the largest universities in the United States, The Ohio State University is a leading research university and the model for Ohio's public higher education institutes. Founded in 1870 as a land-grant university, it consistently ranks as one of the top public universities in the United States.
As the State's flagship, the University of Maryland (UMD) strives to bring students deeply into the process of discovery, innovation and entrepreneurship. Whenever possible, hands-on research complements classroom instruction. Interdisciplinary collaborations facilitate the understanding of complex
Founded in 1888, Pontificia Universidad Católica de Chile is currently one of the leading higher education institutions in Latin America. Approximately 22,000 students are enrolled in graduate and undergraduate programs, which encompass a wide range of disciplines and professional schools. Its fa
.png)
The new strategic plan will ensure that Carolina's research makes even greater impacts, says Penny Gordon-Larsen.
From Carolina Global Launch to the Rangel Fellowship, Emma Sampson '25 paves her own way as a global problem-solver.
CYBERBOWL-Open to all A&T Faculty, Staff and Students. From Oct. 1-31,2025, students, faculty and staff can complete a short quiz about...
Data breaches have recently been announced by Coos County Family Health Services in New Hampshire, Roush Fenway Keselowski Racing in North...
VILLANOVA, Pa. (WPVI) -- According to a report released Wednesday, analysts with the Center for Internet Security (CIS) and the Institute...
As artificial intelligence radically reshapes business, around 90% of organisations do not believe they are adequately prepared to secure...
The College of Behavioral and Community Sciences is pleased to share that George Burruss, PhD, professor and associate chair in the...
This pioneering technique utilizes CH amination and a polymer rearrangement strategy to transform discarded rubber into valuable precursors for epoxy resins.
As Wyoming aspires to be an energy powerhouse, a new generation of cybersecurity defenders is training in Wyoming and at the Idaho National Lab.
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of The University of North Carolina at Chapel Hill is http://unc.edu.
According to Rankiteo, The University of North Carolina at Chapel Hill’s AI-generated cybersecurity score is 767, reflecting their Fair security posture.
According to Rankiteo, The University of North Carolina at Chapel Hill currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, The University of North Carolina at Chapel Hill has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
According to Rankiteo, The University of North Carolina at Chapel Hill is not certified under SOC 2 Type 1.
According to Rankiteo, The University of North Carolina at Chapel Hill does not hold a SOC 2 Type 2 certification.
According to Rankiteo, The University of North Carolina at Chapel Hill is not listed as GDPR compliant.
According to Rankiteo, The University of North Carolina at Chapel Hill does not currently maintain PCI DSS compliance.
According to Rankiteo, The University of North Carolina at Chapel Hill is not compliant with HIPAA regulations.
According to Rankiteo,The University of North Carolina at Chapel Hill is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
The University of North Carolina at Chapel Hill operates primarily in the Higher Education industry.
The University of North Carolina at Chapel Hill employs approximately 20,123 people worldwide.
The University of North Carolina at Chapel Hill presently has no subsidiaries across any sectors.
The University of North Carolina at Chapel Hill’s official LinkedIn profile has approximately 409,561 followers.
The University of North Carolina at Chapel Hill is classified under the NAICS code 6113, which corresponds to Colleges, Universities, and Professional Schools.
No, The University of North Carolina at Chapel Hill does not have a profile on Crunchbase.
Yes, The University of North Carolina at Chapel Hill maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/university-of-north-carolina-at-chapel-hill.
As of January 24, 2026, Rankiteo reports that The University of North Carolina at Chapel Hill has experienced 2 cybersecurity incidents.
The University of North Carolina at Chapel Hill has an estimated 15,186 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
Title: UNC Health Care Data Breach
Description: UNC Health Care suffered a data breach incident that exposed 24,000 patients' information in December 2017. The exposed information includes names, addresses, phone numbers, employment status, employer names, birth dates, and Social Security numbers. The affected patients were offered free credit monitoring services for one year.
Type: Data Breach
Title: Phishing Attack on University of North Carolina at Chapel Hill School of Medicine
Description: An estimated 3716 people were told by the University of North Carolina at Chapel Hill School of Medicine that their information had been the target of a cyberattack, which found that some workers were duped by a phishing scam and that their email accounts may have been compromised. UNC only mentions that they first confirmed the incident on September 13, 2019, but does not specify when they originally learned of it. Patients' names, dates of birth, and demographic information including residences, health insurance information, health information, Social Security numbers, financial account information, and/or credit card information were all possible components of the PII/PHI.
Date Publicly Disclosed: 2019-09-13
Type: Phishing
Attack Vector: Phishing Email
Vulnerability Exploited: Human Error
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Phishing Email.
Data Compromised: Names, Addresses, Phone numbers, Employment status, Employer names, Birth dates, Social security numbers
Data Compromised: Patients' names, Dates of birth, Demographic information, Health insurance information, Health information, Social security numbers, Financial account information, Credit card information
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Addresses, Phone Numbers, Employment Status, Employer Names, Birth Dates, Social Security Numbers, , Pii, Phi and .
Entity Name: UNC Health Care
Entity Type: Healthcare
Industry: Healthcare
Customers Affected: 24000
Entity Name: University of North Carolina at Chapel Hill School of Medicine
Entity Type: Educational Institution
Industry: Education
Location: Chapel Hill, North Carolina
Customers Affected: 3716
Type of Data Compromised: Names, Addresses, Phone numbers, Employment status, Employer names, Birth dates, Social security numbers
Number of Records Exposed: 24000
Sensitivity of Data: High
Type of Data Compromised: Pii, Phi
Number of Records Exposed: 3716
Sensitivity of Data: High
Personally Identifiable Information: Patients' namesDates of birthDemographic informationHealth insurance informationHealth informationSocial Security numbersFinancial account informationCredit card information
Source: University of North Carolina at Chapel Hill School of Medicine
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: University of North Carolina at Chapel Hill School of Medicine.
Entry Point: Phishing Email
Root Causes: Human Error
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2019-09-13.
Most Significant Data Compromised: The most significant data compromised in an incident were names, addresses, phone numbers, employment status, employer names, birth dates, Social Security numbers, , Patients' names, Dates of birth, Demographic information, Health insurance information, Health information, Social Security numbers, Financial account information, Credit card information and .
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were addresses, Health insurance information, Social Security numbers, Health information, employer names, birth dates, Dates of birth, Patients' names, Credit card information, employment status, Demographic information, names, Financial account information and phone numbers.
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 617.0.
Most Recent Source: The most recent source of information about an incident is University of North Carolina at Chapel Hill School of Medicine.
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Phishing Email.
.png)
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.
Azure Entra ID Elevation of Privilege Vulnerability
Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.
Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rapid